otel added

SCT-Engineering · Mar 11, 2025 · 138fc14 · 138fc14
1 parent 7d1d643
commit 138fc14
Show file tree

Hide file tree

Showing 5 changed files with 148 additions and 5 deletions.
diff --git a/lab/_envcommon/default-versions.hcl b/lab/_envcommon/default-versions.hcl
@@ -32,6 +32,7 @@ locals {
     metrics-server = "kube-system"
     postgresql     = "kube-system"
     keycloak       = "kube-system"
+    gogatekeeper   = "kube-system"
     istio          = "istio-system"
     kiali          = "istio-system"
     grafana        = local.telemetry_namespace
@@ -57,6 +58,12 @@ locals {
   cert_manager_version             = "1.17.1"
   cert_manager_webhook_tag         = "v${local.cert_manager_version}"
 
+  ################
+  # GoGatekeeper
+  ################
+  gogatekeeper_tag = "3.2.1"
+  gogatekeeper_chart_version = "gatekeeper-0.1.53"
+
   ################
   # Grafana
   ################

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-gogatekeeper/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-gogatekeeper/terragrunt.hcl
@@ -0,0 +1,77 @@
+include "root" {
+  path           = find_in_parent_folders("root.hcl")
+  merge_strategy = "deep"
+  expose         = true
+}
+
+terraform {
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-gogatekeeper.git?ref=keycloak"
+  extra_arguments "retry_lock" {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20s"]
+  }
+}
+
+dependency "eks" {
+  config_path                             = "../eks"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+  mock_outputs = {
+    cluster_name      = "mock-cluster"
+    oidc_provider_arn = "arn:aws-us-gov:iam::123456789012:oidc-provider/mock"
+  }
+}
+
+dependency "eks_dns" {
+  config_path                             = "../eks-dns"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+  mock_outputs = {
+    cluster_domain    = "mock.example.com"
+  }
+}
+
+dependency "eks_grafana" {
+  config_path                             = "../eks-grafana"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+  mock_outputs = {
+    public_endpoint    = "mock.grafaba.example.com"
+  }
+}
+
+dependency "eks_keycloak" {
+  config_path                             = "../eks-keycloak"
+  mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
+  mock_outputs = {
+    public_endpoint    = "mock.keycloak.example.com"
+  }
+}
+
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-dns",
+    "../eks-grafana",
+    "../eks-keycloak",
+    "../eks-prometheus",
+  ]
+}
+
+inputs = {
+  # Base Cluster Config
+  cluster_domain = dependency.eks_dns.outputs.cluster_domain
+  namespace      = include.root.inputs.namespaces["gogatekeeper"]
+  profile        = include.root.inputs.aws_profile
+  region         = include.root.inputs.aws_region
+
+  # Gatekeeper Config
+  gogatekeeper_tag = include.root.inputs.gogatekeeper_tag
+  gogatekeeper_chart_version = include.root.inputs.gogatekeeper_chart_version
+  keycloak_public_url = dependency.eks_keycloak.outputs.public_endpoint
+
+  # Service Behind Gatekeeper Config
+  service_name           = "grafana"
+  redirection_url = dependency.eks_grafana.outputs.public_endpoint
+  # client_id = dependency.eks_keycloak.outputs.client_id
+  # client_secret = dependency.eks_keycloak.outputs.client_secret
+  client_id = "client_id"
+  client_secret = "client_secret"
+}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-grafana/terragrunt.hcl
@@ -32,9 +32,7 @@ dependency "eks_loki" {
 dependencies {
   paths = [
     "../eks",
-    "../eks-config",
     "../eks-dns",
-    "../eks-karpenter",
     "../eks-loki"
   ]
 }

diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-otel/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-mcm/eks-otel/terragrunt.hcl
@@ -0,0 +1,61 @@
+include "root" {
+  path           = find_in_parent_folders("root.hcl")
+  merge_strategy = "deep"
+  expose         = true
+}
+
+terraform {
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-open-telemetry.git?ref=main"
+  # source = "../../../../../../../tfmod-open-telemetry"
+  extra_arguments "retry_lock" {
+    commands  = get_terraform_commands_that_need_locking()
+    arguments = ["-lock-timeout=20s"]
+  }
+}
+
+dependencies {
+  paths = [
+    "../eks",
+    "../eks-loki",
+    "../eks-prometheus",
+    "../eks-tempo"
+  ]
+}
+
+dependency "eks" {
+  config_path = "../eks"
+  mock_outputs = {
+    cluster_name = "a-cluster-name"
+  }
+}
+
+dependency "eks-loki" {
+  config_path = "../eks-loki"
+  mock_outputs = {
+    gateway_internal_endpoint = {
+      hostname   = "loki-gateway.telemetry.svc.cluster.local"
+      portNumber = "80"
+      url        = "http://loki-gateway.telemetry.svc.cluster.local:80/"
+    }
+  }
+}
+
+dependency "eks-tempo" {
+  config_path = "../eks-tempo"
+  mock_outputs = {
+    tempo_otlp_endpoint = {
+      hostname   = "tempo.telemetry.svc.cluster.local"
+      portNumber = 4317
+      url        = "http://tempo.telemetry.svc.cluster.local:4317/"
+    }
+  }
+}
+
+inputs = {
+  profile        = include.root.inputs.aws_profile
+  cluster_name   = dependency.eks.outputs.cluster_name
+  region         = include.root.inputs.aws_region
+  namespace      = include.root.inputs.namespaces["otel"]
+  loki_endpoint  = dependency.eks-loki.outputs.gateway_internal_endpoint.url
+  tempo_endpoint = dependency.eks-tempo.outputs.tempo_otlp_endpoint.url
+}
diff --git a/lab/development/us-gov-east-1/vpc/platform-eng-eks-srn/eks-tempo/terragrunt.hcl b/lab/development/us-gov-east-1/vpc/platform-eng-eks-srn/eks-tempo/terragrunt.hcl
@@ -25,7 +25,9 @@ dependency "eks-prometheus" {
   config_path                             = "../eks-prometheus"
   mock_outputs_allowed_terraform_commands = ["init", "plan", "validate", "destroy"]
   mock_outputs = {
+    prometheus_svc = "prometheus-server"
     prometheus_namespace = "prometheus"
+    prometheus_port = 80
     prometheus_server_internal_endpoint = {
       hostname    = "prometheus-server.prometheus.svc.cluster.local"
       port_number = 9090
@@ -37,9 +39,7 @@ dependency "eks-prometheus" {
 dependencies {
   paths = [
     "../eks",
-    "../eks-config",
     "../eks-dns",
-    "../eks-karpenter",
     "../eks-prometheus"
   ]
 }
@@ -55,12 +55,12 @@ inputs = {
   oidc_provider_arn = dependency.eks.outputs.oidc_provider_arn
 
   # Prometheus Configuration
+  prometheus_svc = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.hostname
   prometheus_namespace = dependency.eks-prometheus.outputs.prometheus_namespace
   prometheus_port      = dependency.eks-prometheus.outputs.prometheus_server_internal_endpoint.port_number
 
   # Tempo Configuration
   tempo_chart_version = include.root.inputs.tempo_chart_version
   tempo_tag           = include.root.inputs.tempo_tag
   namespace           = include.root.inputs.namespaces["tempo"]
-
 }